Detailed information about how to configure and use Event Handler with RAW version

bergpb · May 24, 2023, 9:46pm

Hey folks, anyone here have more information how to configure the Event Handler using CheckMK Raw?
I found some links about it but still have some questions:

The /etc/nagios/conf.d is the correct place to add the file? And the events configuration need to be created inside the CheckMK server installation with the name event_handler.cfg?
Is that a way to test if the configuration it’s working?
This example bellow is a good way to how to configure the file?

extra_service_conf["event_handler_enabled"] = [
  ( "1", ["Linux"], ["Service Name"] ),
]

extra_service_conf["event_handler"] = [
  ( "manage_service", ["Linux"], ["Service Name"]),
]

extra_nagios_conf += r"""
  define command{
    command_name   manage_service
    command_line   /usr/local/bin/manage_service.sh $SERVICESTATE$ $SERVICESTATETYPE$ $HOSTADDRESS$
  }
"""

To give more context, the ideia is pretty simple, when CheckMK identify that the service are in a CRITICAL state, will run the script to restart the service.

Here the links that I found for future reference:
https://www.geekbundle.org/selbstheilung-mit-check_mk-event-handler/

bergpb · May 25, 2023, 10:16pm

Here the configuration that I’m using today (All files in CheckMK server):
Files created after login with omd user: sudo su - site_name
etc/check_mk/main.mk

# Main configuration file of Check_MK
# We highly recommend to use WATO to configure Check_MK these days.

extra_service_conf["event_handler_enabled"]=["1", ALL_HOSTS, ALL_SERVICES]
extra_service_conf["event_handler"]=["call_script", ALL_HOSTS, ALL_SERVICES]

etc/nagios/conf.d/custom_commands.cfg

define command{
  command_name   call_script
  command_line   /omd/sites/site_name/etc/nagios/conf.d/script.sh $SERVICESTATE$ $SERVICESTATETYPE$ $HOSTADDRESS$
}

The script content is pretty simple:

#!/bin/bash
echo "CheckMK Event Handler $1 $2 $3" >> /opt/omd/sites/site_name/var/log/check_mk_event.log

The log file don’t show anything, so that means the config is not working for some reason that I can’t identify.

gerald.endres · May 26, 2023, 7:52am

Create/Modify alert handler services:
/opt/omd/sites/[site]/etc/check_mk/conf.d/alert_handlers.mk

Local modifications to ~/etc/check_mk/main.mk are stored in separate files in ~/etc/check_mk/conf.d. These files will presumably not be changed during a CMK update. That is why the alert handler settings are stored in this directory.

Folder for action scripts:
/opt/omd/sites/[site]/local/lib/nagios/plugins/

Logfile for alert handler:
/opt/omd/sites/[site]/var/log/eventhandler.log

Activate changes to alert_handlers.mk inside the CMK instance with:

cmk -R

bergpb · May 26, 2023, 11:56am

Hey @gerald.endres, thanks for the tips, so my CheckMK installation don’t have a file called alert_handlers.mk, I will create it.
Do you have a example of the content for this file?
I’ve tried with this simple example here but the log file was not created:

define example_handler {
    command = "echo Checkmk Alert" >> /omd/sites/site_name/var/log/check_mk_event.log
    state = ["CRIT"]
}

gerald.endres · May 30, 2023, 2:56pm

(of course also usable for linux hosts)

for action scripts with windows hosts

restart (stopped) windows service(s) at critical status
fileinfo (size) to critical, then copy an updated file

.

# Lists of quoted hosts or services are possible:
# ["host1", "host2] or ["service1", "services2"]

extra_service_conf["event_handler_enabled"] = [
  # It is possible to enter several different lines here

  ( "1", ALL_HOSTS, ["Service Syncthing", "Service FOGService"] ),
  ( "1", ALL_HOSTS, ["File C:\\\\ProgramData\\\\checkmk\\\\agent\\\\check_mk.user.yml"] ),
  ( "1", ALL_HOSTS, ["File C:\\\\Users\\\\Admin\\\\admin-scripts\\\\checkmk\\\\check_mk.user.yml"] ),

  # List of host(s)
  #( "1", ["w5", "w6"], ["Service Syncthing", "Service FOGService"] ),

  # Hostgroups or tags - doesn't work
  #( "1", ["Windows"], ["Service Syncthing", "Service FOGService"] ),
]

extra_service_conf["event_handler"] = [
  # It is possible to enter several different lines here

  ( "restart_win_service", ALL_HOSTS, ["Service Syncthing", "Service FOGService"] ),
  ( "copy_check_mk_user_yml", ALL_HOSTS, ["File C:\\\\ProgramData\\\\checkmk\\\\agent\\\\check_mk.user.yml"] ),
  ( "copy_check_mk_user_yml", ALL_HOSTS, ["File C:\\\\Users\\\\Admin\\\\admin-scripts\\\\checkmk\\\\check_mk.user.yml"] ),

  # List of host(s)
  #( "restart_win_service", ["w5", "w6"], ["Service Syncthing", "Service FOGService"] ),

  # Hostgroups or tag - doesn't work
  #( "restart_win_service", ["Windows"], ["Service Syncthing", "Service FOGService"] ),
]

extra_nagios_conf += r"""

# Command to restart a Windows service
define command{
        command_name   restart_win_service
        command_line   $USER2$/restart_win_service $SERVICESTATE$ $SERVICESTATETYPE$ $HOSTADDRESS$ $HOSTNAME$ "$SERVICEDISPLAYNAME$" "$SERVICEOUTPUT$"
        }

"""

extra_nagios_conf += r"""

# Command to copy_check_mk_user_yml
define command{
        command_name   copy_check_mk_user_yml
        command_line   $USER2$/copy_check_mk_user_yml $SERVICESTATE$ $SERVICESTATETYPE$ $HOSTADDRESS$ $HOSTNAME$
        }

"""